
Method for defending against session hijacking attacks and firewall

Active Publication Date: 2014-07-03
SANGFOR TECH INC

AI Technical Summary

Benefits of technology

This patent relates to a new method and firewall for protecting against session hijacking attacks. The main benefit is that it validates the identification of the client side, preventing illegal access to the server and providing a more comprehensive and reliable defense against session hijacking attacks. This also prevents false or missing reports, even if the token is changed.

Problems solved by technology

However, in practical application, an attacker may steal state information through a session hijacking loophole and gain illegal access by impersonating other authenticated clients.
However, defenses based on characteristics are passive defenses which cannot defend against session hijackings beforehand and may cause false reports and missing reports easily.
On the other hand, defenses based on tokens have disadvantages including singularity and time dependency.
Additionally, if the firewall is configured to defend against one kind of the session hijacking attacks, the session still can be hijacked via other kinds of session hijacking attacks and the firewall still cannot defend against the new kind of session hijacking attack.


Embodiment Construction

[0055] The disclosure is illustrated by way of example and not by way of limitation in the figures of the accompanying drawings in which like references indicate similar elements. It should be noted that references to “an” or “one” embodiment in this disclosure are not necessarily to the same embodiment, and such references mean at least one.

[0056] FIG. 1 is a flow chart of a method for defending against session hijacking attacks in accordance with a first embodiment of the present disclosure. The method provided in the embodiment includes the following steps.

[0057] Step S10, receiving a first access request transmitted from a legal client side and further transmitting the first access request to a server.

[0058] When the legal client side accesses the server for the first time, an access request (that is, the first access request in the step S10) transmitted from the legal client side does not include a token. At this time, a firewall directly releases the access req...


Abstract

The present disclosure provides a method for defending against session hijacking attacks, including: receiving a first access request transmitted from a legal client side and transmitting the first access request to a server; receiving a first response comprising a first authentication token returned from the server; generating a first sequence value according to a network address of the legal client side and an identification code of the legal client side, and recombining the first authentication token and the first sequence value to form a second authentication token; and replacing the first authentication token in the first response with the second authentication token, and transmitting the first response comprising the second authentication token to the legal client side.
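The token rewrite described in the abstract, sketched as an added Python example; it is not code from the patent or from its owner. The patent text shown here does not say how the sequence value is computed or checked, so HMAC-SHA256 with a firewall-held key, the `.` separator, mixing the token into the MAC input, the request-side check, and all sample values are assumptions made for illustration.

```python
import hashlib
import hmac

# Assumptions (not from the patent text): a firewall-held secret, HMAC-SHA256
# as the sequence-value function, and "." as the join character.
FIREWALL_KEY = b"constructed-demo-key"
SEP = "."


def sequence_value(token: str, client_addr: str, client_id: str) -> str:
    """Sequence value derived from the client's network address and
    identification code. The token is mixed in as well (an added assumption)
    so a sequence value cannot be moved onto a different token."""
    msg = "\x00".join((token, client_addr, client_id)).encode()
    return hmac.new(FIREWALL_KEY, msg, hashlib.sha256).hexdigest()


def wrap_response_token(first_token: str, client_addr: str, client_id: str) -> str:
    """Response path: build the second token that replaces the server's token."""
    return first_token + SEP + sequence_value(first_token, client_addr, client_id)


def unwrap_request_token(second_token: str, client_addr: str, client_id: str):
    """Request path: return the server's original token when the sequence
    value matches this client, otherwise None (request should be blocked)."""
    first_token, sep, seq = second_token.rpartition(SEP)
    if not sep or not first_token:
        return None  # no sequence value present
    expected = sequence_value(first_token, client_addr, client_id)
    if not hmac.compare_digest(seq.encode(), expected.encode()):
        return None  # token presented from a different address or client
    return first_token


if __name__ == "__main__":
    # Constructed sample values (documentation address ranges).
    server_token = "SESSIONID-7f3a.constructed"
    issued = wrap_response_token(server_token, "203.0.113.10", "client-A")
    print("same client :", unwrap_request_token(issued, "203.0.113.10", "client-A"))
    print("other client:", unwrap_request_token(issued, "198.51.100.7", "client-B"))
```

Because the server only ever sees its own first token, the binding is transparent to the application; a client whose address legitimately changes mid-session would fail the check and need to re-authenticate.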

Description

CROSS-REFERENCE TO RELATED APPLICATIONS

[0001] This present application claims the benefit of Chinese Patent Application No. 201210579537.9 filed on Dec. 27, 2012; the contents of which are hereby incorporated by reference.

BACKGROUND

[0002] 1. Technical Field

[0003] The present disclosure relates to technologies of network telecommunications, and particularly, to a method for defending against session hijacking attacks and a firewall.

[0004] 2. Description of Related Art

[0005] HTTP protocol is stateless and is not provided with a mechanism of connecting different kinds of requests / responses submitted by a user. Each of the requests / responses is an independent affair. In order to provide stateful HTTP, WEB applications need to dynamically interact with the user to maintain interaction state data between HTTP and a legal client side. The dynamic interaction process is called session. At first, the state data is transmitted to the legal client side for storage and then is returned for validati...


Application Information

IPC(8): H04L29/06
CPC: H04L63/08, H04L63/02, H04L63/0807, H04L63/0884, H04L63/1466
Inventor: WANG, PENGTAO
Owner: SANGFOR TECH INC